package com.example.lockfulldemo.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * @author Think
 */
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //此处的限制优先级由先到后
        http.authorizeRequests()
                .antMatchers("/security/one").hasAnyAuthority("p1")
                .antMatchers("/security/two").hasAnyAuthority("p2")
                .antMatchers("/security/three").hasAnyAuthority("p3")
                //以角色为维度来配置权限
//                .antMatchers("/security/three").hasRole("p3")
                //对相应路径进行登录鉴权
                .antMatchers("/security/**").authenticated()
                //其余请求都放行
                .anyRequest().permitAll()
                .and()
                //session保持机制
                .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
                .and()
                //允许表单登录
                .formLogin()
        //登录页面
//                .loginPage("")
                //登录受理的地址---表单提交之后 用户名/密码提交的目的路劲
//                .loginProcessingUrl("");
                //登录成功后的跳转地址
//                .successForwardUrl("/demo/query/aaa")
//                .and()
//                .logout()
//                //自定义登出地址
//                .logoutUrl("")
//                //登出后跳转页面
//                .logoutSuccessUrl("")
//                //登出成功后处理
//                .logoutSuccessHandler(null)
//                //登出后处理（无论是否成功）
//                .addLogoutHandler(null)
                    ;
        http.exceptionHandling().accessDeniedPage("/demo/query/cause");
    }
}
